foodogsquared/nixos-config
1
0
Fork 0
mirror of https://github.com/foo-dogsquared/nixos-config.git synced 2025-02-07 12:19:07 +00:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

hosts/plover: update DNS zone and server configuration

Browse Source
This commit is contained in:
Gabriel Arazas 2023-02-17 23:10:52 +08:00
parent ff1927deb5
commit b3ce46ccf9
No known key found for this signature in database
GPG Key ID: ADE0C41DAB221FCC
2 changed files with 23 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
hosts/plover/config/coredns/foodogsquared.one.zone
View File

@ -1,18 +1,17 @@
; This is trying to be discrete with certain information. This should be copied ; This is trying to be discrete with certain information. This should be copied
; and replaced with more confidential information somewhere. ; and replaced with more confidential information somewhere.
$TTL 12h $TTL 12h
$ORIGIN foodogsquared.one.
@ IN SOA ns1.first-ns.de. dns.hetzner.com. ( @ 3600 IN SOA ns1.first-ns.de. hostmaster.foodogsquared.one. (
2023021501 ; serial number 2023021701 ; serial number
2h ; refresh 1h ; refresh
15m ; update retry 15m ; update retry
3w ; expiry 3w ; expiry
3h ; nx = nxdomain ttl 3h ; nx = nxdomain ttl
) )
IN NS ns1.first-ns.de. 3600 IN NS ns1.first-ns.de.
IN NS robotns2.second-ns.de. 3600 IN NS robotns2.second-ns.de.
IN NS robotns3.second-ns.com. 3600 IN NS robotns3.second-ns.com.
; Setting up the mail-related DNS entries. ; Setting up the mail-related DNS entries.
; For future references, please the see the following document at ; For future references, please the see the following document at
@ -61,6 +60,9 @@ code IN AAAA @ploverPublicIPv6@
vpn IN A @ploverPublicIPv4@ vpn IN A @ploverPublicIPv4@
vpn IN AAAA @ploverPublicIPv6@ vpn IN AAAA @ploverPublicIPv6@
plover IN A @ploverPublicIPv4@
plover IN AAAA @ploverPublicIPv6@
; Other things. ; Other things.
_github-pages-challenge-foo-dogsquared IN TXT 673febae1ea0095e76d1e02a7a1709 _github-pages-challenge-foo-dogsquared IN TXT 673febae1ea0095e76d1e02a7a1709

21
hosts/plover/modules/services/coredns.nix
View File

@ -91,8 +91,13 @@ in
# https://docs.hetzner.com/dns-console/dns/general/dnssec # https://docs.hetzner.com/dns-console/dns/general/dnssec
config = '' config = ''
. { . {
log log ${domain} ${fqdn} {
errors class success error
}
errors {
consolidate 1m "^.* no next plugin found$"
}
bind lo ${lib.concatStringsSep " " dnsListenAddresses} { bind lo ${lib.concatStringsSep " " dnsListenAddresses} {
# These are already taken from systemd-resolved. # These are already taken from systemd-resolved.
@ -114,10 +119,6 @@ in
block block
} }
transfer ${domain} {
to *
}
# ${fqdn} DNS server blocks. This is an internal DNS server so we'll # ${fqdn} DNS server blocks. This is an internal DNS server so we'll
# only allow queries from the internal network. # only allow queries from the internal network.
acl ${fqdn} { acl ${fqdn} {
@ -134,7 +135,13 @@ in
answer "{{ .Name }} IN 60 AAAA ${interfaces.internal.IPv6.address}" answer "{{ .Name }} IN 60 AAAA ${interfaces.internal.IPv6.address}"
} }
file ${domainZoneFile'} file ${domainZoneFile'} ${domain} {
reload 30s
}
transfer ${domain} {
to ${lib.concatStringsSep " " secondaryNameServersIPs}
}
} }
tls://. { tls://. {